security notes from the field


Archive for December, 2008

PacketShaper and Proxies : together

Posted by Tech in Field on December 13, 2008

Are you wondering where you should put your Blue Coat [Packeteer] PacketShaper and your in-line proxy / cache in your network?

The PacketShaper should be as close to the router (or firewall) as possible. The proxy or cache (if it sits in-line) should sit on the LAN side of the PacketShaper.

INTERNET <-> ROUTER <-> FIREWALL <-> PACKETSHAPER <-> WEB CACHE/PROXY <-> LAN

Can the PacketShaper and cache positions be reversed? Yes, but you will then be shaping requests made to the cache. There can be some advantages to this deployment if you are attempting to shape individual connections to the web.

I prefer the cache inside and to see all web connections originating from the proxy.

If your web cache/proxy [Blue Coat, Barracuda, IronPort, etc.] supports WCCP v2, you can use your PacketShaper to hand off all port 80 requests to your web filter. In this setup, you usually do not need your web proxy in-line any more.

For this article I use the terms web cache, web proxy and web filter interchangeably; if you are using a good one, it is all of those things.
